Starting Nmap 6.47 ( ) at 21:02 Pacific Daylight Time | TLS_DHE_RSA_WITH_AES_128_CBC_SHA – strong | Issuer: commonName=ProgrammingUnlimited | ssl-cert: Subject: commonName=RANISE01.pu.pri Here is nmap running against my ISE server. In the OWASP example they were testing a mail server so they included smtps, imaps and pop3s ports. You can see that you don’t get quite as much information but if you updating your server’s list of ciphers or inspecting a new version of IOS you get enough and it’s pretty quick. I ran the script against the same servers as in the cipherscan blog. One advantage over cipherscan is that nmap runs on almost every OS. Last night I was reading Testing for Weak SSL/TLS Ciphers on the OWASP site and found an nmap script that gives you a quick and dirty way to check ciphers. Ok, one more blog on cipher suites and then I’m finished (for a while!).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |